BCS Foundation Certificate in Information Security Management Principles V9.0 試験
【2024桜まつりキャンペーン】:CISMP-V9 最新真題を買う時、日本語版と英語版両方を同時に獲得できます。
実際の問題集を練習し、試験のポイントを了解し、テストに申し込むするかどうかを決めることができます。
さらに試験準備時間の35%を節約するには、CISMP-V9 問題集を使用してください。
Question No : 1
Which security framework impacts on organisations that accept credit cards, process credit card transactions, store relevant data or transmitcredit card data?
正解:
Explanation:
https://digitalguardian.com/blog/what-pci-compliance
Question No : 2
Which of the following types of organisation could be considered the MOST at risk from the theft of electronic based credit card data?
正解:
Question No : 3
One traditional use of a SIEM appliance is to monitor for exceptions received via syslog.
What system from the following does NOT natively support syslog events?
正解:
Question No : 4
When considering the disposal of confidential data, equipment and storage devices, what social engineering technique SHOULD always betaken into consideration?
正解:
Question No : 5
Which of the following testing methodologies TYPICALLY involves code analysis in an offline environment without ever actually executing the code?
正解:
Question No : 6
Which of the following is MOST LIKELY to be described as a consequential loss?
正解:
Question No : 7
Which of the following cloud delivery models is NOT intrinsically "trusted" in terms of security by clients using the service?
正解:
Question No : 8
What form of risk assessment is MOST LIKELY to provide objective support for a security Return on Investment case?
正解:
Question No : 9
Which of the following controls would be the MOST relevant and effective in detecting zero
day attacks?
正解:
Explanation:
https://www.sciencedirect.com/topics/computer-science/zero-day-attack
Question No : 10
Data Protection & Privacy.
正解:
Question No : 11
Which security concept provides redundancy in the event a security control failure or the exploitation of a vulnerability?
正解:
Explanation:
https://en.wikipedia.org/wiki/Defense_in_depth_(computing)
Question No : 12
Which term describes a vulnerability that is unknown and therefore has no mitigating control which is immediately and generally available?
正解:
Explanation:
https://en.wikipedia.org/wiki/Zero-day_(computing)
Question No : 13
In terms of security culture, what needs to be carried out as an integral part of security by all members of an organisation and is an essential component to any security regime?
正解:
Question No : 14
What Is the PRIMARY reason for organisations obtaining outsourced managed security services?
正解:
Question No : 15
Which of the following is NOT considered to be a form of computer misuse?
正解: